This specification relates to dynamic sandboxing.
Software sandboxing is a method for executing code in a controlled environment, such as a virtual machine or in a manner that restricts access to certain resources. Sandboxing may be used for computer security purposes, e.g., to run untrusted or unknown applications with restrictions that allow the code to be verified before the code is executed on a data processing apparatus without sandboxing restrictions. Sandboxing software takes time and involves a certain amount of overhead, in terms of system resources. Different sandbox methods have different restrictions, and the different sandbox methods often have different requirements for being used and, depending on which sandbox method is chosen, the observable overhead introduced also vary.